changeset: 10977:d5dd22356194 in /raid/repos/sudo
details: https://www.sudo.ws/repos/sudo/rev/d5dd22356194
user: Todd C. Miller <Todd.Miller at courtesan.com>
date: Mon May 29 14:32:53 2017 -0600
Log Message:
Fix for CVE-2017-1000367, parsing of /proc/pid/stat on Linux when
the process name contains spaces. Since the user has control over
the command name this could be used by a user with sudo access to
overwrite an arbitrary file.
Thanks to Qualys for investigating and reporting this bug.
Also stop performing a breadth-first traversal of /dev when looking
for the device. Only the directories specified in search_devs[]
are checked.
diffstat:
src/ttyname.c | 141 ++++++++++++++++++++++++---------------------------------
1 files changed, 60 insertions(+), 81 deletions(-)